2 Replies Latest reply on Sep 8, 2010 6:54 AM by isAbiel

    Security - Authenticating calls from Flex app


      Hi guys,


      I'm kinda new to the flex world. I wrote an application in Flex and found out that all the code is visible by decoding programs. I've some web service calls that I make from my Flex app. Now the issue is any body who can see the code can make webservice call and do any thing. The webservice calls should be made only from my Flex app. So somehow I should know who's making that call. I feel like I should refactor my webservice methods to take some additional parameters, but I'm not sure.


      So how do I authenticate flex call? or know the call is actually made from my Flex app in some browser? and not from a malicious user.


      Flex calls my web services over secure https line.


      thanks in advance.